Introduction: Recap of Part 1 and the Purpose of This Article
In Part 1, we explained the concept of Claude Team Agent and the background behind the emergence of multi-agent architecture. In this article, we go one step further and focus on the two core roles that form the heart of Team Agent — the "orchestrator (parent agent)" and the "sub-agent (child agent)" — systematically organizing their respective responsibilities, communication flow, and the mechanism of tool delegation.
What Is an Orchestrator?
The orchestrator receives high-level instructions from the user, decomposes tasks, and delegates them to sub-agents. In Anthropic's official documentation, the structure in which an agent can launch another agent when calling a tool is defined as a "multi-agent network," and the orchestrator sits at the top of that hierarchy [Source: https://docs.anthropic.com/en/docs/build-with-claude/agents].
The orchestrator's primary responsibilities can be summarized in the following three points.
- Task Decomposition: Breaking down complex requests into sub-tasks that can be executed in parallel or sequentially.
- Agent Selection: Choosing the most suitable sub-agent for each sub-task and assigning an appropriate toolset.
- Result Aggregation: Integrating the output of each sub-agent and returning the final response to the user.
This design philosophy is also seen in NVIDIA's NeMo Agent Toolkit, which achieved first place on the DABStep benchmark. In that toolkit, higher-level agents dynamically generate and delegate tools to lower-level agents through "Reusable Tool Generation," processing data analysis tasks in a step-by-step manner [Source: https://huggingface.co/blog/nvidia/nemo-agent-toolkit-data-explorer-dabstep-1st-place].
What Is a Sub-Agent?
A sub-agent is a specialized agent that executes localized tasks received from the orchestrator. Anthropic's documentation explains that sub-agents handle concrete actions such as "calling tools, searching the web, writing and executing code" [Source: https://docs.anthropic.com/en/docs/build-with-claude/agents].
The defining characteristic of a sub-agent is "localized specialization." For example:
- Code Execution Agent: Holds only a Python interpreter tool and is responsible for data transformation processing.
- Search Agent: Holds a web search tool and a summarization tool, dedicated exclusively to information gathering.
- Verification Agent: Plays the role of fact-checking the output of other sub-agents.
This division of labor prevents each agent's context window from becoming bloated, allowing reasoning accuracy to be maintained.
Overview of the Communication Flow
The following text diagram illustrates the communication flow between the orchestrator and sub-agents.
[User] | v (Natural language instruction) [Orchestrator Agent] |-- Task Decomposition --> | | v v [Sub-Agent A] [Sub-Agent B] (Tool: Search) (Tool: CodeExec) | | v v [Result A] [Result B] | | +-------+--------+ | v (Aggregation & formatting) [Orchestrator] | v [User] In the Claude Agent SDK, this communication is realized in the form of tool calls. By having the orchestrator call sub-agents as "tools," the structure allows Claude's own API to be used recursively [Source: https://docs.anthropic.com/en/docs/build-with-claude/agents].
The Mechanism of Tool Delegation
Tool delegation is the process by which the orchestrator explicitly controls "which tools to provide" when spawning a sub-agent. Anthropic's design principles recommend that each agent be given only the "minimum set of tools necessary to complete the task." This is an application of the Principle of Least Privilege to agent design [Source: https://docs.anthropic.com/en/docs/build-with-claude/agents].
As a concrete code example, the Python SDK allows control over tool assignment to sub-agents as follows.
sub_agent = client.beta.messages.create( model="claude-opus-4-5", tools=[search_tool], # Only the search tool is provided messages=[{"role": "user", "content": task_description}] ) The orchestrator itself receives this call as a tool_use block and manages the execution of the sub-agent.
Security and Trust Boundaries
In a multi-agent structure, managing trust boundaries is an important challenge. Anthropic recommends remaining vigilant against prompt injection attacks even in agent-to-agent communication between Claude instances. This is because when a sub-agent processes external data (web pages, files, etc.), there is a risk that malicious content could rewrite the instructions sent to the orchestrator [Source: https://docs.anthropic.com/en/docs/build-with-claude/agents].
As a countermeasure, it is effective to design the system so that sub-agent output is limited to a structured format (such as JSON), with the orchestrator only performing semantic interpretation.
Summary and Connection to Part 3
In this article, we explained the responsibilities, communication flow, and tool delegation mechanism of the two roles — orchestrator and sub-agent. It should now be clear that the combination of task decomposition by the orchestrator and specialized sub-agents underpins the high flexibility and scalability of Team Agent.
In Part 3, we will move on to a step-by-step code walkthrough for implementing this architecture using the Claude Agent SDK. We plan to introduce the complete flow — from defining the orchestrator to spawning sub-agents and aggregating results — together with working code.
Category: LLM | Tags: Claude, マルチエージェント, LLM, AgentSDK, AIエージェント
0 件のコメント:
コメントを投稿